/*

    gl-oauth  OAuth related projects and samples.
    Copyright (c) 2012-2013 National Marrow Donor Program (NMDP)

    This library is free software; you can redistribute it and/or modify it
    under the terms of the GNU Lesser General Public License as published
    by the Free Software Foundation; either version 3 of the License, or (at
    your option) any later version.

    This library is distributed in the hope that it will be useful, but WITHOUT
    ANY WARRANTY; with out even the implied warranty of MERCHANTABILITY or
    FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
    License for more details.

    You should have received a copy of the GNU Lesser General Public License
    along with this library;  if not, write to the Free Software Foundation,
    Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307  USA.

    > http://www.fsf.org/licensing/licenses/lgpl.html
    > http://www.opensource.org/licenses/lgpl-license.php

 */
package org.immunogenomics.gl.oauth;

/**
 * Manages authorization using an AuthorizationProvider and a TokenStore.
 * 
 * @author mgeorge
 * 
 */
public class AuthorizationManager implements TokenValidator {

    private OAuthProvider authorizationProvider;
    private TokenStore tokenStore;

    public AuthorizationManager(OAuthProvider authorizationProvider, TokenStore tokenStore) {
        this.authorizationProvider = authorizationProvider;
        this.tokenStore = tokenStore;
    }

    public AccessTokenDetails validate(String token) {
        return tokenStore.get(token);
    }

    /**
     * Return an access token for the specified userid and realm.
     * 
     * @param userid
     * @param realm
     * @return
     */
    public String getAuthorization(String userid, String realm) {
        AuthorizationDetails authorization = authorizationProvider.getAuthorization(userid, realm);
        if (authorization == null) {
            // TODO: Consider better ways to handle this.
            return "NO_AUTHORIZATION";
        }
        AccessTokenDetails accessTokenDetails = new AccessTokenDetails();
        accessTokenDetails.setId("TrackingId");
        accessTokenDetails.setAuthorization(authorization);
        accessTokenDetails.setExpiresIn(authorization.getDuration());
        String token = tokenStore.add(accessTokenDetails);
        return token;
    }

    public void close() {
        authorizationProvider = null;
        tokenStore = null;
    }

}
